Back to the Future

January 2019 1

ETT 2019Back to the Future?

January 2019 2

Michael J. Fox as Marty McFly on a hoverboard in 2015 in Back To The Future Part II (1989), screen shot, January 1, 2015. (http://youtube.com). URL: https://donaldearlcollins.com/2015/01/01/back-to-my-future-forward-to-the-past/

Legacy

Future

VMEbus interfacePMC supportBackwards compatible rear I/OVME32 handles and 3-row P2 connector

ETT 2019An Example – one of our new VME boards

January 2019 3

6-core Intel® Xeon® ProcessorUEFI BIOS onlyNVMe M.2 storageEnhanced Security

Legacy Future

VP B7x/msd

January 2019 4

I have to run the same application code we developed x years agoI can’t change the Operating System (or version)I want to retain the option to change supplierI need the latest security features My program runs for another y years

ETT 2019Typical Customer Needs:

Not easy - but that’s what we’re good at

January 2019 5

Intel x86 processors are backwards compatible They can run any code developed for older processorsFor security and scalability there are now some restrictions

ETT 2019Intel Procesors

Many Intel processors now only support UEFI Class 3 BIOS (all by 2020)

Improves securityBut there is no 16-bit legacy BIOS via a Compatibility Support Module (CSM)

It is not possible to natively boot a legacy Operating System including:Windows 7 Any 32-bit OS like VxWorks 6.x, Linux 32-bit etc

ETT 2019UEFI BIOS

www.uefi.org

January 2019 6

Boot using a bare metal or hosted hypervisor Run the legacy OS and application in a Virtual MachineHas an small impact on real time performance

ETT 2019One solution

January 2019 7

Hypervisor

VMLegacy OS & Application

VMware ESXiHyper-VLynx Secure Hypervisor

VxWorks 6.xWindows NTWindows XP

Many interfaces support Single Root I/O Virtualization (SR-IOV)One physical device appears as multiple separate physical devicesEach VM has the ability to access the interface

ETT 2019VP B7x/msd Example

January 2019 8

Hypervisor

VM 1Legacy OS & Application

VM 2OS &

Application

GbE with SR-IOV

Some devices like the VMEbus interface chip are not SR-IOV capableIt works in Direct Path I/O mode

Limits one Virtual Machine to access the VMEbus interface directly

ETT 2019VP B7x/msd Example

January 2019 9

Hypervisor

VM 1Legacy OS & Application

VM 2OS &

Application

VMEbus

ETT 2019Security Timeline

200920021993 2012 2015

User access permissions

IPv6 using IPSec TPM 1.2

Bitlocker, User Account Control,

Defender

UEFISecure Boot TPM 2.0

Device Guard, Credential Guard,

Boot Guard

January 2019 10

Each level can be measured The hashes are recorded in a TPM for remote attestationSecure Boot only loads a trusted (signed) operating system bootloader

ETT 2019Trust Levels and Attestation

Application

TPM

January 2019 11

Firmware Operating System

Only measures what’s happening

ETT 2019End to end Security is needed

Loaded at our customer’s facility

Secure Application

Loaded at our factory

January 2019 12

Firmware Secure OS

Any break in this chain is a potential risk

We now sign our firmware using a private keyDuring the manufacturing process, the board is ‘fused’ to the public keyAny attempt to boot using non-authorized firmware will fail:

Verified and Measured profiles implemented with Immediate Shutdown

Maintenance updates can be done: We provide a new firmware image to the customer signed with the private key

Ensures the firmware has not been tampered with:Between leaving our factory and arriving at a customer’s siteDuring the life-cycle of the product

ETT 2019Intel Boot Guard

January 2019 13

Continue the balancing actPart of our moral and ethical duty as COTS suppliers in this space

ETT 2019Conclusion

January 2019 14

Thanks for listening

January 2019 15